Discretionary access control, based on checking access requests against users' authorizations, does not provide any way of restricting the usage of information once it has been 'legally' accessed. This makes discretionary systems vulnerable to Trojan Horses maliciously leaking information. Therefore the need arises for providing additional controls limiting the indiscriminate flow of information in the system. This paper proposes a message filter complementing discretionary authorization control in object-oriented systems to limit the vulnerability of authorization systems to Trojan Horses. The encapsulation property of the object-oriented data model, which requires that access to objects be possible only through defined methods, makes information flow in such systems have a very concrete and natural embodiment in the form of messages and their replies. As a result, information information flow can be controlled by mediating the transmission of messages exchanged between objects. The message filter intercepts every message exchanged between objects to ensure that information is not leaked to objects accessible by users not allowed for it.
High Assurance Discretionary Access Control for Object Bases / E. Bertino, P. Samarati, S. Jajodia - In: Proc. of the 1st ACM Conference on Computer and Communications Security[s.l] : ACM, 1993. - ISBN 0-89791-629-8. - pp. 140-150 (( Intervento presentato al 1. convegno Proc. of the 1st ACM Conference on Computer and Communications Security tenutosi a Fairfax, VA, USA nel 1993 [10.1145/168588.168606].
High Assurance Discretionary Access Control for Object Bases
P. SamaratiSecondo
;
1993
Abstract
Discretionary access control, based on checking access requests against users' authorizations, does not provide any way of restricting the usage of information once it has been 'legally' accessed. This makes discretionary systems vulnerable to Trojan Horses maliciously leaking information. Therefore the need arises for providing additional controls limiting the indiscriminate flow of information in the system. This paper proposes a message filter complementing discretionary authorization control in object-oriented systems to limit the vulnerability of authorization systems to Trojan Horses. The encapsulation property of the object-oriented data model, which requires that access to objects be possible only through defined methods, makes information flow in such systems have a very concrete and natural embodiment in the form of messages and their replies. As a result, information information flow can be controlled by mediating the transmission of messages exchanged between objects. The message filter intercepts every message exchanged between objects to ensure that information is not leaked to objects accessible by users not allowed for it.
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
